Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Windows 'shortcut' attack code goes public

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
Home » Discuss » Topic Forums » National Security Donate to DU
 
Elmore Furth Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Jul-19-10 07:15 AM
Original message
Windows 'shortcut' attack code goes public
I hope none of our government comuputers are running Windows.



A security researcher on Sunday published a working exploit of a critical Windows vulnerability, making it more likely that attacks will spread.

According to a security advisory issued Friday by Microsoft, hackers can use a malicious shortcut file, identified by the ".lnk" extension, to automatically run their malware simply by getting a user to view the contents of a folder containing the shortcut. Malware can also automatically execute on some systems when a USB drive is plugged into the PC.

All versions of Windows, including the just-released beta of Windows 7 Service Pack 1 (SP1), as well as the recently retired Windows XP SP2 and Windows 2000, contain the bug.

Sunday, a researcher known as "Ivanlef0u" published proof-of-concept code to several locations on the Internet. Later that day, Belgian researcher Didier Stevens -- who in late March revealed a serious design flaw in Adobe's PDF document format -- confirmed that Ivanlef0u's code could be tweaked to create an effective attack.



Windows 'shortcut' attack code goes public
Refresh | +11 Recommendations Printer Friendly | Permalink | Reply | Top
AllyCat Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Jul-19-10 07:57 AM
Response to Original message
1. Does this explain why our computer locks up every time the log off command
executes with anything plugged into the usb? Including the wireless mouse? Microsoft sucks. Wish I knew more about computers so I could run Linux. Next computer will be a MAC.
Printer Friendly | Permalink | Reply | Top
 
rbixby Donating Member (716 posts) Send PM | Profile | Ignore Mon Jul-19-10 09:10 AM
Response to Reply #1
2. That doesn't sound like a microsoft issue
It sounds like a hardware issue, not something to do with your operating system. The problem probably stems from your motherboard, or the motherboard manufacturer providing poorly written drivers for the USB devices. I'd recommend checking with your computer manufacturer for updates for that software. 99% of the issues people have with Windows don't come from the operating system itself, but from lazy programmers writing drivers for hardware. You have to remember that with Macs, there is only one type of hardware, so there's not much need to write software that's compatible with many different kinds. This is also why Macs are more expensive and you end up with much less computer for your money when you buy one. They also tend to have the same amount of problems that PCs do, just most Mac users don't say anything about it, because its a threat to their sense of superiority.
Printer Friendly | Permalink | Reply | Top
 
xfundy Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Jul-19-10 11:14 AM
Response to Reply #2
3. Mac hater!!
The best part of your screed was claiming Mac heads don't complain to keep a "sense of superiority."

It is to laugh.
Printer Friendly | Permalink | Reply | Top
 
rbixby Donating Member (716 posts) Send PM | Profile | Ignore Mon Jul-19-10 01:41 PM
Response to Reply #3
4. That's just been my experience at my workplace
When I have mac users complain about an issue with their computer, I ask them how long it has been going on, and they almost always tell me its been weeks or months, but finally they can't do something because of the problem. I can only speak from my own experience here.
Printer Friendly | Permalink | Reply | Top
 
sofa king Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Jul-22-10 11:02 AM
Response to Reply #3
6. No offense, but I actually saw that happen just last year.
A place was implementing some new system, and the MS people worked for months to get the MS systems into 100% compliance with it. The Mac guys did nothing and said, "it'll work fine with Macs."

On rollout day, everything failed, because the Mac systems had only limited functionality, which the Mac guys knew from day one. When the bosses started raising hell about it, saying the Macs didn't work, the Mac guys simply said, "yes they do," and pointed to the partial functionality as evidence that they did.

The place responded by dropping Apple support from the implementation, and, as I understand it, the Apple people are looking at early retirement.

You can believe it or not, because I don't dare offer any details. But I saw it happen.
Printer Friendly | Permalink | Reply | Top
 
AllyCat Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Jul-19-10 01:52 PM
Response to Reply #2
5. Happened after an upgrade to SP3 for XP.
It's really a pain.
Printer Friendly | Permalink | Reply | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view this author's profile Click to add this author to your buddy list Click to add this author to your Ignore list Thu Oct 09th 2025, 06:07 PM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Topic Forums » National Security Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC